Privacy Policy
Effective December 13, 2025
This Privacy Policy applies to the Tapling mobile application (the "App") with bundle identifier com.buildergroup.Tapling, available on the Apple App Store, and the website tapling.app and all its subdomains (the "Sites"), together with all related services (the "Services"), owned and operated by Benno Kohrs (Sole Proprietor Business, collectively, "Benno Kohrs", "we", "us", or "our"). This Privacy Policy describes how we collect, use, share, and secure the personal information you provide to us. It also describes your choices regarding use, access, correction, and deletion of your personal information.
1. Definitions
Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use an application or online service.
The mobile application (App) refers to the Tapling iOS application available through the Apple App Store. The App provides interactive features including keyboard functionality, collectible management, and game-related features.
The website refers to all public-facing informational pages on tapling.app. This includes content such as homepage, about us, contact information, product descriptions, and support resources.
2. What Data We Collect
We collect both information you knowingly and actively provide us when using or participating in any of our services and promotions, and any information automatically sent by your devices in the course of accessing our products and services.
We only collect and use your personal information when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.
We do not sell your personal information or any data you enter into our Services in any way.
Third-party Services and Sub-processors
We share certain information with companies that may be considered our "sub-processors" under GDPR. This information is limited to the following:
Required for the Website
The following services are required for the operation of the website:
- Vercel: We use Vercel to host our website and static assets. Privacy Policy of Vercel.
| Company | Purpose | Information Collected | | ------- | ---------------------- | --------------------- | | Vercel | Hosting infrastructure | IP address |
Required for the App
The following services are required for the operation of the App:
- Apple App Store: Distribution and updates of the App. Apple Privacy Policy.
| Company | Purpose | Information Collected | | --------------- | ---------------------- | --------------------- | | Apple App Store | App distribution | App usage data |
Please note that these services only receive your personal information when necessary for providing our core service functionality. For example:
- Vercel provides hosting infrastructure and only processes data necessary for website delivery
- Apple App Store handles App distribution and updates in accordance with Apple's platform requirements
Please note that we carefully select our service providers and only work with companies that maintain high standards of security and comply with applicable data protection regulations.
Data Sharing and Disclosure
Beyond our service providers, we may share your personal data in the following circumstances:
Disclosure to Authorities
We may disclose your personal data to authorities when required by law or in response to valid requests by public authorities. This includes disclosing information to:
- Comply with legal obligations, court orders, or government requests
- Protect and defend our rights or property
- Prevent or investigate possible wrongdoing in connection with our services
- Protect the personal safety of users or the public
- Protect against legal liability
Professional Service Providers
We may share your personal data with professional advisors including lawyers, auditors, and accountants who provide services to us and are bound by confidentiality obligations.
Legal Basis for Processing
We process your personal data based on the following legal grounds under Article 6 of the GDPR:
- Legitimate interests (Art. 6(1)(f)) - for improving our services, analytics, and business operations
- Contract performance (Art. 6(1)(b)) - for providing our services and fulfilling our obligations to you
- Consent (Art. 6(1)(a)) - where you have explicitly agreed to specific processing activities
- Legal obligation (Art. 6(1)(c)) - where required by applicable laws and regulations
3. How We Collect Information
We collect the following personal information from you:
Information That You Provide to Us About Yourself
When you use our Services, we may request information such as:
- Contact Information: such as name and email address (if you contact us)
- App Data: Collectibles, preferences, and game progress stored locally on your device
We may collect, hold, use, and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with the purpose of providing you with our Service's core features.
Please be aware that we may combine information we collect about you with general information or research data we receive from other trusted sources.
Information Collected Automatically
When you visit our website, our servers automatically log standard data provided by your web browser. This may include your device's Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details about your visit.
Additionally, if you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error occurred, and other technical information related to the problem. You may or may not receive notice of such errors, even in the moment they occur, or what the nature of the error is.
Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.
Information Collected After Opt-In Permission
Keyboard Extension
The App includes a keyboard extension that requires "Full Access" permission to function properly. When you enable the keyboard extension, iOS may request Full Access permission. This permission allows the keyboard to:
- Provide autocomplete and suggestion features
- Access text you type for the purpose of providing keyboard functionality
- Store keyboard preferences and settings locally on your device
Important: The keyboard extension processes text input locally on your device. We do not transmit, store, or access the content you type through our servers. All keyboard functionality operates entirely on your device, and you can disable or remove the keyboard extension at any time through your iOS Settings.
Website Cookies
Upon your consent, we use cookies and similar technologies to collect information about your location and your activities on our website, as well as information about your device and log information. These technologies collect anonymized Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data.
You can control the use of cookies at the individual browser level. If you choose to disable cookies, it may limit your use of certain features or functions on our website or service.
4. Security
The security of your personal information is important to us. We implement adequate measures to protect the personal information submitted to us, both during transmission and once it is received. The App stores data locally on your device using Apple's standard data storage APIs, which are protected by Apple's built-in security mechanisms, including device encryption and App Sandbox restrictions. We restrict access to personal information to our employees, contractors and agents who need to know that information in order to operate, develop or improve our service. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. If you have any questions about the security of your personal information, you can contact us at the contact information below.
5. Rights with respect to your information
You always retain the right to withhold personal information from us, with the understanding that your experience of our App or website may be affected. We will not discriminate against you for exercising any of your rights over your personal information. If you do provide us with personal information you understand that we will collect, hold, use and disclose it in accordance with this privacy policy. You retain the right to request details of any personal information we hold about you.
If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person's consent to provide the personal information to us.
If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time. We will provide you with the ability to unsubscribe from our email-database or opt out of communications. Please be aware we may need to request specific information from you to help us confirm your identity.
If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.
If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.
Your rights
- Withdraw your consent at any time. Your have the right to withdraw consent where your have previously given your consent to the processing of your Personal Data.
- Object to processing of your Data. Your have the right to object to the processing of your Data if the processing is carried out on a legal basis other than consent.
- Access your Data. Your have the right to learn if Data is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. You have the right to verify the accuracy of your Data and ask for it to be updated or corrected.
- Restrict the processing of your Data. You have the right, under certain circumstances, to restrict the processing of your Data. In this case, we will not process your Data for any purpose other than storing it.
- Have your Personal Data deleted or otherwise removed. You have the right, to obtain the erasure of your Data from us.
- Receive your Data and have it transferred to another controller. You have the right to receive your Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on your consent, on a contract which you is part of or on pre-contractual obligations thereof.
- Lodge a complaint. You have the right to bring a claim before your competent data protection authority.
How to exercise these rights
To exercise your rights, such as requesting or deleting your data, please contact us through the contact details provided below. Requests can be exercised free of charge and will be addressed by us as early as possible and always within one month.
6. International Data Transfers
Some of our service providers are located outside the European Economic Area (EEA), including in the United States. When we transfer your personal data to these providers, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) - We use European Commission-approved Standard Contractual Clauses with our US-based service providers
- Adequacy Decisions - We transfer data to countries that the European Commission has determined provide adequate protection
- Additional Safeguards - We implement additional technical and organizational measures where necessary to ensure your data remains protected
These transfers are necessary for providing our services and are conducted in accordance with applicable data protection laws.
7. Business Transactions
If we are involved in a merger, acquisition or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy. The new owners may use your personal data in the same way as set out in this privacy policy.
8. Data Retention
We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements. In certain circumstances, we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.
Even if you delete your account, keep in mind that deletion by our third-party providers may not be immediate, and the deleted information may persist in backup copies for a reasonable period of time.
All data you enter into our Service will be deleted from our databases within 30 days of you deleting your account or uninstalling the App. Additionally, any remaining information will be removed from our backups within 3 months after account deletion. Since the App currently stores data locally on your device, you can delete all App data by uninstalling the App. If you wish for your personal data to be completely removed from any third-party services we may use in the future, please send us an explicit request via email. Include your user details and a brief description of your request to facilitate the prompt processing of your data deletion.
9. Policy regarding children
We do not aim any of our products or services directly at children under the age of 13, and we do not knowingly collect personal information about children under 13.
10. Limits of our policy
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.
11. Changes to this policy
At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.
If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) and all our registered users with the new details and links to the updated or changed policy.
If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.
12. Contact
If you have questions or concerns about this privacy policy, please contact us at support@tapling.app.